-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Hi,
Am 01.09.2014 16:17, schrieb AUser ZUser: > Hello Can someone please help me with the following question. I > have a code signing certicate in my X509 store "LocalMachine\My" > which I can use for signing PowerShell scripts for example > Set-AuthenticodeSignature ./MyScript.ps1 -certificate ( gci > cert:\LocalMachine\My -CodeSigning) No worries there >> From the information I have re "AthentiCode" as above, the only >> file > formats it currently supports are > > * .cab files * .cat files * .ctl files * .dll files * .exe files * > .ocx and > > Now the UNIX guys also need their .JAR files signing (they do not > have the code signing cert) So I want thinking along the following > lines but need some help please I downloaded OpenSSL for Windows > and Install What I want to do use OpenSSL from the Windows command > line to sign a .jar file I do not want to expose the code signing > certificate by having is as a flat file (e.g. CodeSigningCert.pfx) > on the file system, rather I would prefer to keep it in the X509 > store (whereby the private key is not exportable) and refer to the > cert on the OpenSSL command line when signing the .jar file. For JAR signing you might want to refer to [1] - the things written there are not specific to CAcert, but give a general outline. > Is this possible? Not without exposing it on the filesystem as far as I know. JarSigner (the Tool from Java) wants to have it in its own keystore, which is a file on disk. > can any one please show me a few command line examples? Sure. Have a look at the link I gave. > if this is not possible is there another utility I can use to > achive the above See above. > Thanks All AAnotherUser__ Regards, BenBE. [1] http://wiki.cacert.org/CodesigningCert#How_can_I_use_my_code_signing_certificate.3F_.28java_example.29 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQIcBAEBCgAGBQJUBWV0AAoJEPHTXLno4S6tNWoP/2kGhOZ+Lmi3dpzp88tayG5Q nx4Tfyk8GyjoWwxOQ0Vgfrq6yf157AqWjmXEQ9fk/1vT7cW5mdlAfOI5mAcDRIzW ED+gB9x7Ch/GP6f7T8i985h9pDpmFX/8QZDucRr4phEYJxNERvC+jjNIscN+lY8U M230hfUgGZdlQ7OtPX0Jvy+frNG0c/hqrFSfR3xQNkEyh1OAcmRUwDjoW7kk4STJ da+cLj1mIRXEIkTMed0VpDEM0L58ZEbx5OsXNwXvFiItGDsO28YH4uvQ+RvQA8Km hUKfEnxnVHPGJJ77PTbYHtvYQnmZ0iz5kuA3ORM8RyknKtL8/Gtr6cJWva60xwyg isnd45OlHhj74wH8PI3HT3snvv1rKIZG60SYV4v48Qk790Zuy6FH3h8VbHn255Mw n0NDyhFwl3vzOnoE92MFpSXfiS6z0oz+YLKd7o4ZWGJe/pog9vy0BweNMBfls9tI y+xcARivHcsqxB1BdTZ+NIcxFzHwxXeGQyeVyMDeyZz8/hF7Sioqrwu+3agEEioC tTk3da1ImQx6mo1zmxC52afqyIGaX7qTVfXnXeUVyoeDvl1tlJgeh93s4gQJKi52 nZG2jAqkx0oR5YHwHP+RlTXBD47PKGEl94ncCEF/6wneRKIx+jklmXvXFS7DPVR4 ZH2JtDxR77LKW+0Fx1z8 =W8pg -----END PGP SIGNATURE----- ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
